A Platform Approach to Chipset Security Evaluation

For chipset manufacturers in the content protection market who would like to accredit their solutions by different CAS vendors such as NAGRA, Conax, Irdeto, Riscure provides a comprehensive generic chipset security evaluation which is in-line with CAS vendor requirements. Our generic chipset security evaluation is a developer-centric in-depth security evaluation that is endorsed by multiple CAS vendors. The evaluation becomes a platform that enables a vendor to certify related chipsets with a significantly reduced timeline.

Our product in a single hardware evaluation provides evaluation results that can be used for multiple certification efforts with different CAs. Thanks to Riscure position with different CAs, this product is the unique offering in the market. Building on the knowledge acquired by hardware evaluations, we also perform code reviews to provide additional assurance. Based on our knowledge of CA-specific requirements, we can perform CA specific addendums efficiently.

Benefits of working with Riscure

One evaluation that is endorsed by multiple CAS vendors.

Changes and adaptations to satisfy requirements can be easily attached to the main evaluation.

Evaluation of multiple chipset families.

Platform approach reduces time to market.

Constantly improving customer’s security skills for their long term success in the market.

The security evaluation for chipset towards CAs is separated in 3 stages. First, based on all CA requirements from different CA vendors our analysts perform vulnerability analysis (VA) and determine possible attack paths. The attack paths are communicated in a report. We place special attention to TEE HW to support TEE SW evaluation. In the second stage, both general SoC hardware, as well as TEE HW, are tested based on VA. Finally, TEE SW is reviewed. Any CA specific requirements are handled in separate projects.